In the U.K., it’s well known that late payments bedevil firms – but what of payments fraud? Impersonation fraud, also known as business email compromise scams, is gaining traction in the region, hitting SMEs hard – half a million of them, as noted in a recent report by Lloyd’s Bank.
In the United Kingdom, it’s not just late payments bedeviling small and mid-sized firms.
There also is the specter of payments fraud.
In a recent report via Lloyd’s Bank, trends point toward growth in what is known as impersonation fraud, perhaps more commonly known as business email compromise.
It’s rampant enough so that these smaller firms lose as much as 27,000 pounds on average. About half a million firms have been impacted, said Lloyd’s.
As has been seen in other examples around the globe, the aim is to dupe companies into parting with their funds, where impersonation of a trusted email account or supplier or business relationship induces the fraudulent transaction. Money is sent to the bad guys’ accounts, of course.
As noted in Computer Weekly, a bit more than half of the respondents to the Lloyd’s survey said the bad apples had posed as a firm’s boss. Invoice fraud had been encountered by about 52 percent of those surveyed, in which the fraudsters change account details amid documentation that looks legitimate.
The impact can be significant, as 7 percent of firms said they had experienced financial hardship as a result of such fraudulent methods. Six percent have had to lay off staff.
It’s on the rise, this fraud, up 58 percent year over year, said Lloyd’s.
Among specific verticals, law firms are the most vulnerable at 19 percent of those affected, followed by HR firms and IT firms at 17 percent each.
There certainly seems to be room for improvement. As the survey noted, only 20 percent of those hit by fraud “think twice” about reconsidering and re-examining business requests, and a full 37 percent say they have no security precautions in place.
And lest you think that the younger, tech-savvy generation might be spared: Of the 1,500 SME professionals surveyed by the bank, 12 percent of millennials have been preyed upon by impersonation fraud, or know someone who has.
Ghosts in the (Corporate) Machine
Want insight into another type of fraud? How about one that is guaranteed to spook you? Call it “ghosting.”
Ghost employees, reports the Society for Human Resource Management, can and have been haunting firms. No mere specter, they can bring thousands (in some cases, millions) of dollars’ worth of havoc to a company.
For the full scope of the scam and the impact: Ghost employees, noted the site, are dead people living on in corporate payroll. Or they are real people, ex-employees, still alive. Or they are fictitious employees that never were. In all of these cases, they are still getting paid.
In the case of the ex-employees still drawing breath and paycheck, said the site, the fraudster “typically splits the ill-gotten gains with someone inside the organization who is perpetrating the fraud.”
In an interview with the site, L. Burke Files, president of the Arizona-based Financial Examinations & Evaluations, recounted that many of these fraudulent schemes involve the creation of more than one “ghost” identity. In one example, he noted that a bookkeeper for an oncology practice stole $260,000 by creating fake employees and fake vendors. The elimination of oversight done by humans can in fact hinder such detection, said Files, as “we’re automating more and more things and ending up with a single point of control, which becomes the single point of risk.”
In addition, companies with far-flung locations and remote workers are more vulnerable to fraud. The Association of Certified Fraud Examiners (ACFE) has estimated that payroll fraud is more common in the U.S. than might be seen elsewhere.